Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Suggestions for #3160 #3272

Merged
merged 4 commits into from
Oct 10, 2024
Merged

Suggestions for #3160 #3272

merged 4 commits into from
Oct 10, 2024

Commits on Oct 10, 2024

  1. tls: Avoid InsertParam parameter. 

    We don't actually use InsertParam all that much--only in the TLS server (which
is obviously why it was included here). This change removes the InsertParam in
favor of using a tuple, generally reducing boilerplate.

It turns out that the TLS stack already has a map_target to handle turning the
tuple-target into a Tls type, so it shouldn't be needed.
    @olix0r
    olix0r committed Oct 10, 2024
    Configuration menu
    Copy the full SHA
    f78aa64 View commit details
    Browse the repository at this point in the history

  2. tls: Remove ExtractParam from detect_sni 

    Similarly, we don't actually care about extracting a timeout from the target.
Using an ExtractParam causes needless boilerplate.

This change updates the stack module to simply take a timeout parameter at
construction time.
    @olix0r
    olix0r committed Oct 10, 2024
    Configuration menu
    Copy the full SHA
    67c0e84 View commit details
    Browse the repository at this point in the history

  3. tls: Make the detect_tls module private 

    We now only need to export the NewDetectSni type. The module reexport is not
necessary.
    @olix0r
    olix0r committed Oct 10, 2024
    Configuration menu
    Copy the full SHA
    f6202d6 View commit details
    Browse the repository at this point in the history

  4. tls: Reorganize NewDetectRequiredSni under the server module 

    Because the DetectTls and DetectSni types are so similar -- and implemented in
the context of a server inspecting a provided connection (and not a client
establishing a TLS connection), this change reorganizes the module:

* The DetectSni types are renamed to DetectRequiredSni to better reflect their
  purpose and difference from the DetectTls type.
* The detect_sni module is renamed and moved to server::required_sni. This
  module is private and the relevant types are reexported from the server
  module.
    @olix0r
    olix0r committed Oct 10, 2024
    Configuration menu
    Copy the full SHA
    ae88d2e View commit details
    Browse the repository at this point in the history